[Post by Venkat Balasubramani]

“Scraping” refers to the practice of accessing a website through an automated mechanism (such as a bot) and extracting data. With the proliferation of data on the Internet, the practice of scraping has grown. Scraping has always been a legally questionable practice, but here are some steps you can take to prevent scraping from your website, and steps you can take to bolster a claim against a scraper.

Terms of Service: Maintain a terms of service on the site that prohibits scraping. This way a scraper who accesses the site will arguably do so in violation of the terms of service.

Cease and Desist Letter: Send the scraper a letter that advises that access of the website by the scraper is improper. Any scraping that occurs after the receipt of a cease and desist letter will be viewed unfavorably by the court.

Take technical measures: Any technical measures you can take — such as blocking the scraper’s IP addresses — will help. Implementing a robots.txt exclusion is also useful. As with a cease and desist letter, a scraper who circumvents technical measures is likely to receive a frosty reception in court. Taking and documenting security measures is helpful.

Employ a security/forensic professional: Finally, bringing certain legal claims require you to satisfy a certain “loss” threshold, and steps taken to detect and prevent a security breach will qualify for this threshold. Engaging a security professional can be useful in this regard.

Document: Documenting the scraping incidents and your response will obviously be important, if not critical.